X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:cc:subject:message-id:reply-to
	:references:mime-version:content-type:in-reply-to; q=dns; s=
	default; b=EgU6cEBRnLhVJEEDSPvg4ondCjm9Knxni817gtyWATovrJSvA13Fz
	gUeBR695aqxn1agRaMrOf7DsB+judORvnMkJY/l++GbJHvXOhttphu5GJlK46mbw
	gyI9nCRHBy4TN8lk+hzxle88AldBZ2YlvF+m20swYbn/jYDjp8j/HA=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:cc:subject:message-id:reply-to
	:references:mime-version:content-type:in-reply-to; s=default;
	 bh=2JG2ddeJ7bwJDstxUUoyhNKQn3o=; b=DuVy5lGAFKEYmFxfcD/eqzLbdA4C
	zEVAgIClqgETU95NJVU5McN9f9ifHXeugIcgq4I5s4Y8GBRDXKcqHnXizCmuy51Z
	lUfDaFPaZQYADEE/FoJbnkcqZwqEzD8Lq7/PGv/RzCm/PcrpWhIWuDgLdL2QL7iH
	4JelLpiGSGyd62I=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-0.5 required=5.0 tests=AWL,BAYES_40 autolearn=ham version=3.3.2
X-HELO: calimero.vinschen.de
Date: Tue, 15 Oct 2013 17:01:29 +0200
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Cc: starlight DOT 2013z3 AT binnacle DOT cx
Subject: Re: /dev/random does not block, emits poor entropy
Message-ID: <20131015150129.GP18358@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com, starlight DOT 2013z3 AT binnacle DOT cx
References: <6 DOT 2 DOT 5 DOT 6 DOT 2 DOT 20130919015353 DOT 03a25398 AT binnacle DOT cx> <20131015140052 DOT GE19383 AT calimero DOT vinschen DOT de> <6 DOT 2 DOT 5 DOT 6 DOT 2 DOT 20131015100723 DOT 066d3e48 AT binnacle DOT cx>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;	protocol="application/pgp-signature"; boundary="iRjOs3ViPWHdlw/I"
Content-Disposition: inline
In-Reply-To: <6.2.5.6.2.20131015100723.066d3e48@binnacle.cx>
User-Agent: Mutt/1.5.21 (2010-09-15)

--iRjOs3ViPWHdlw/I
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Oct 15 10:19, starlight DOT 2013z3 AT binnacle DOT cx wrote:
> Hardware RNG marketing is deceiving
> when it talks about "true" RNG since
> even quantum-effect number generators
> have non-random patterns that must
> be algorithmically cleansed.
> Rather than a "true" RNG or TRNG, one
> wants as CSPRNG (cryptographically
> secure pseudorandom number generator)
> that combines a good source of hardware
> entropy and appropriate purifying
> algorithms.

The Windows RtlGenRandom (the underlying implementation of
CryptGenRandom which Cygwin will use from now on)  already is a CSPRNG.
It's sort of reassuring that it already shows pretty good results when
used in the simple /dev/urandom form, given the latest NIST/NSA
entanglements.  This is on Vista SP1 and later.  The implementation on
older systems is somewhat weaker.

> People get quite hot about the topic,
> and apparently the Dilbert cartoon
> applies at all times, regardless:
>=20
> http://dilbert.com/strips/comic/2001-10-25/

:)


Corinna

--=20
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

--iRjOs3ViPWHdlw/I
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)

iQIcBAEBAgAGBQJSXVjJAAoJEPU2Bp2uRE+gYA4QAIZcNuGFWmwoAZBitiBPfwaz
tqvi5wAbxV4JdrzWToHJK6t5M+sT9E3gFzUa6ko4xDdKFLU1ddE5Hv1QfMwANyl3
KuqfGpxC7KwMH2TcwPEnn2DWfLN4MsO7gwPOJTgZ2jIH2fMvv0fkd1Fs2TTkVQGN
ETwvmCd9kgbG+CQg1gXhBXbjPPovBsrwwBv4Qd/hmkO+BrmN2w5SIM1Sk4kybcR/
quQI75qOxxotzdDdXPR69EmZH/4S9YyQ+5cFJF6g1h+WNwXmnxmJwWnekPMOwOfk
dmk30arVjs8dFuGcUXUkdDg3fwm2Z2xY9eQyuPPahnWZ//wQQuJppGEVihwja/U2
Uw3lqG9Lq7NyJcWOBbEAGsgFy62wmGazX+CizkVCCcSi5tVmLIX3oSw0IwCThF/a
R5JhRa16ibzFgSUEsYWaxOxen8ZRIk1aewPOfoTwi3vWk+C0kVXBxc2oh3MD8K9d
uMwrl5nAYparG2IUO8hougHlM5j77oTPl32FXtmfT7Vgkt49bvUjG6eYaahgluqK
DVPwD2znNkzvaF+8cdin+GMpEUpAe9i4Maxp5BPNZDvaaGEpAWygFB7FoZUfibqk
iJG4XCwSQ3fkdmPyXosvJd031cnSSIya1KjuD1e2FYewzluGF9FPlPufarnCjI41
4Pk4O1bnKiBupK0LzKA2
=kkS1
-----END PGP SIGNATURE-----

--iRjOs3ViPWHdlw/I--